I can't open my honeypot 😥😢😭
Do you guys think installing Java will help? xD

Setup my port honeypot today finally, including port 22, then wrote a custom dashboard for some data tracking, feels great to have it open on my screen seeing the bans just roll in every 2 seconds of refresh, the highest hits are as expected from china, russia and india, also filed ~700 reports and already got 300 banned from their service. (mainly Microsoft Azure for whatever reason)

I wanted to first automate that (or atleast blacklist report to various IP lists via API), but then I was afraid that I'll be one day stupid enough to somehow get banned - don't want myself to get reported lol

This is my bottom drawer. That's +150 packets of honey from the cafe downstairs. I've been slowly collecting them since I started working here. I'm leaving soon and thinking about leaving them so the next dev can have a pleasant surprise 😂

I've never been hacked - not that I know of :D - and never "hacked" someone else.
(Sure, I did some things in high school to circumvent certain restrictions but nothing worth mentioning whatsoever.)

But all these rants that I read so far have me wondering if I shouldn't simply setup a honeypot sometime when I'm about to be really bored just to have some fun. Then again, I don't have time to be bored. :/

I've just checked my server's auth logs and my god that's a lot of failed ssh login attempts.

I think I'll install an ssh honeypot to waste these peoples time...

So, I just setup a honeypot on my freshly installed Mint Laptop.

So many SSH connections, it's absolutely unbelievable. Can someone recommend me a good honeypot? I have only the SSH port monitored at the moment.

Spam assassin kills most of the spam I get before I see it. It works pretty well. However, I started getting a fuck ton of spam from some asshole on a Turkey server. You cannot forward spam to the gov anymore so what to do (They use a honeypot. Apparently it doesn't catch everything.)? Well I got the abuse email account address for the server. Then I went into my servers spam filter for the email address I am having issues with. Then I redirect the email to this abuse email address. Then I delete it from the server. This makes it so my email client never sees the message and I automagically notify the abuse account. If the abuse account is owned by the spammer then he is just filling up his own server with shit.

Anybody else have fun or interesting ways with dealing with spam the regular filters don't catch?

We support a system we inherited from another company, it’s an online document store for technical specifications of electronic devices used by loads of people.

This thing is the biggest pile of shite I’ve ever seen, it wasn’t written by developers but rather by civil engineers who could write vb...so needless to say it’s classic asp running on iis, but it’s not only written in vbscript oh god no, some of it is vb other parts is jscript (Microsoft’s janky old JavaScript implementation) and the rest is php.

When we first inherited it we spent the best part of 2 months fixing security vulnerabilities before we were willing to put it near the internet - to this day I remain convinced the only reason it was never hacked is that everything scanning it thought it was a honeypot.

We’ve told the client that this thing needs put out of its misery but they insist on keeping it going. Whenever anything goes wrong it falls to me and it ends up taking me days to work out what’s happening with it. So far the only way I’ve worked out how to debug it is to start doing “Response.AddHeader(‘debug’, ‘<thing>’) on the production site and looking at the header responses in the browser.
I feel dirty doing that but it works so I don’t really care at this point

FUCK I hate this thing!

When the browser autocompletes your honeypot and some users now can't login...

Happened to my colleague today, can't really blame him too, it's an effective trap...

Jeffrey Epstein is a hero and a genius.

...

1) He created an island for pedophiles

2) Little do those pedophiles know, the island is a honeypot

3) He targeted kiddie fuckers but not any, only the most extremely wealthy ones

4) He milked millions of dollars off them for a chance to stretch a fresh virgin pussy

5) He then recorded them secretly while they were fucking those kids, but Epstein was nowhere seen on those videos

6) He blackmailed them to release those videos in case he gets killed or bribed or any way gets turned against him

7) Epstein gets killed (no he didnt kill himself), and now the Epstein list of child fuckers gets released somehow to the public

8) Bill Clinton, Prince Adrew, Richard Branson gangfucked kiddies and Epstein recorded them secretly -- now theres a footage of that orgy floating around on the internet, as of latest news 1 hour ago

9) Richard Branson -- the founder of VIRGIN media... Come on? Truth hidden in plain sight. Right in front of our fucking eyes. Guy literally became a billionaire by fucking children and laundering that money through LLC company "VIRGIN" media. Why VIRGIN? Because the kiddies he fucked were virgins

---

If Epstein didnt do this then someone else would do it and NOT record anything.

Epstein, although still evil, opened the eyes of the world.

Epstein is Batman.

When you make a honeypot... but no bears come... ONLY RUSSIAN AND CHINESE HACKERS!

Anybody else having issues with the barnypok spam bot bypassing the honeypot technique?

Anyone heard Of HoneyPot?

The interview platform thing